From d85a50be270986047abe6a4ce8c5c81b32e239ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adri=C3=A1n=20Oliva?= Date: Sat, 27 May 2023 15:18:58 -0600 Subject: Maybe a better way to allow Front End access API. Instead of setting all origins as valid, set only our origin as valid. --- src/main/java/com/encora/Main.java | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) (limited to 'src/main') diff --git a/src/main/java/com/encora/Main.java b/src/main/java/com/encora/Main.java index 14026af..1478229 100644 --- a/src/main/java/com/encora/Main.java +++ b/src/main/java/com/encora/Main.java @@ -2,12 +2,9 @@ package com.encora; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; -import org.springframework.context.annotation.Bean; import org.springframework.data.domain.Sort; import org.springframework.http.HttpStatus; import org.springframework.web.bind.annotation.*; -import org.springframework.web.servlet.config.annotation.CorsRegistry; -import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; import java.util.Date; import java.util.List; @@ -17,15 +14,8 @@ import java.util.Objects; @RestController @RequestMapping("v1") public class Main { - @Bean - public WebMvcConfigurer corsConfigurer() { - return new WebMvcConfigurer() { - @Override - public void addCorsMappings(CorsRegistry registry) { - registry.addMapping("/**").allowedOrigins("*"); - } - }; - } + // Edit this origin and set where the Front End is allocated. + private static final String allowed_origin = "http://localhost:8080/"; private final ToDosRepository toDosRepository; @@ -43,6 +33,7 @@ public class Main { // Get all to dos. + @CrossOrigin(origins=allowed_origin) @GetMapping("/todos") @ResponseStatus(value=HttpStatus.OK) public List getToDos() { @@ -60,6 +51,7 @@ public class Main { ) { } + @CrossOrigin(origins=allowed_origin) @PostMapping("/todos") @ResponseStatus(value=HttpStatus.OK) public void addToDo(@RequestBody toDoBody toDo) { @@ -78,6 +70,7 @@ public class Main { @ResponseStatus(value=HttpStatus.BAD_REQUEST, reason="No to do with such index.") public static class toDoNotFound extends RuntimeException {} + @CrossOrigin(origins=allowed_origin) @PutMapping("/todos/{id}") @ResponseStatus(value=HttpStatus.OK) public void editToDo(@PathVariable("id") Integer id, @RequestBody toDoBody toDo) { @@ -94,6 +87,7 @@ public class Main { // Deletes a to do by index. + @CrossOrigin(origins=allowed_origin) @DeleteMapping("/todos/{id}") @ResponseStatus(value=HttpStatus.OK) public void removeToDo(@PathVariable("id") Integer id) { @@ -102,6 +96,7 @@ public class Main { // Update a to do with "done". + @CrossOrigin(origins=allowed_origin) @PostMapping("/todos/{id}/done") @ResponseStatus(value=HttpStatus.OK) public void setDone(@PathVariable("id") Integer id) { @@ -116,6 +111,7 @@ public class Main { // Update a to do to set "done" as false. + @CrossOrigin(origins=allowed_origin) @PutMapping("/todos/{id}/undone") @ResponseStatus(value=HttpStatus.OK) public void setUndone(@PathVariable("id") Integer id) { @@ -136,6 +132,7 @@ public class Main { enum SortingOrders { ASC, DESC } + @CrossOrigin(origins=allowed_origin) @GetMapping("/todos/{field}/{order}") @ResponseStatus(value=HttpStatus.OK) public List getSortedToDos(@PathVariable("field") SortingsFields field, @PathVariable("order") SortingOrders order) { @@ -156,6 +153,7 @@ public class Main { ) { } + @CrossOrigin(origins=allowed_origin) @GetMapping("/todos/filter") @ResponseStatus(value=HttpStatus.OK) public List getFilteredToDos(@RequestBody toDoFilters filters) throws Exception { -- cgit v1.2.3